How to Disable Responses to Echo Requests - Securing the Network in Oracle® Solaris 11.2

Securing the Network in Oracle^® Solaris 11.2

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Securing the Network in Oracle^® ... » Tuning Your Network » Tuning the Network » How to Disable Responses to Echo Requests

Updated: August 2014

Securing the Network in Oracle^® Solaris 11.2

Document Information

Using This Documentation

Chapter 1 Using Link Protection in Virtualized Environments

Chapter 2 Tuning Your Network

Tuning the Network

How to Disable the Network Routing Daemon

How to Disable Broadcast Packet Forwarding

How to Disable Responses to Echo Requests

How to Set Strict Multihoming

How to Set Maximum Number of Incomplete TCP Connections

How to Set Maximum Number of Pending TCP Connections

How to Specify a Strong Random Number for Initial TCP Connection

How to Prevent ICMP Redirects

How to Reset Network Parameters to Secure Values

Chapter 3 Web Servers and the Secure Sockets Layer Protocol

Chapter 4 About IP Filter in Oracle Solaris

Chapter 5 Configuring IP Filter

Chapter 6 About IP Security Architecture

Chapter 7 Configuring IPsec

Chapter 8 About Internet Key Exchange

Chapter 9 Configuring IKEv2

Chapter 10 Configuring IKEv1

Chapter 11 Troubleshooting IPsec and Its Key Management Services

Chapter 12 IPsec and Key Management Reference

Network Security Glossary

Language:

How to Disable Responses to Echo Requests

Use this procedure to prevent the dissemination of information about the network topology.

Before You Begin

You must become an administrator who is assigned the Network Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .

Set the response to broadcast echo requests property to 0 for IP packets, then verify the current value.

# ipadm set-prop -p _respond_to_echo_broadcast=0 ip

# ipadm show-prop -p _respond_to_echo_broadcast ip
PROTO  PROPERTY                  PERM CURRENT   PERSISTENT   DEFAULT   POSSIBLE
ip    _respond_to_echo_broadcast rw   0         --           1         0,1

Set the response to multicast echo requests property to 0 for IP packets, then verify the current value.

# ipadm set-prop -p _respond_to_echo_multicast=0 ipv4
# ipadm set-prop -p _respond_to_echo_multicast=0 ipv6

# ipadm show-prop -p _respond_to_echo_multicast ipv4
PROTO  PROPERTY                  PERM CURRENT   PERSISTENT   DEFAULT   POSSIBLE
ipv4  _respond_to_echo_multicast rw   0         --           1         0,1
# ipadm show-prop -p _respond_to_echo_multicast ipv6
PROTO  PROPERTY                  PERM CURRENT   PERSISTENT   DEFAULT   POSSIBLE
ipv6  _respond_to_echo_multicast rw   0         --           1         0,1

See also

For more information, see _respond_to_echo_broadcast and _respond_to_echo_multicast (ipv4 or ipv6) in Oracle Solaris 11.2 Tunable Parameters Reference Manual and the ipadm(1M) man page.

Copyright © 1999, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices